﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Globalization;
using System.Data;
using System.Configuration;
using System.Web.Security;

public partial class LogInPage : System.Web.UI.Page
{
    string mLastError = string.Empty;
    ServerObject mServerObject = null;

    protected override void InitializeCulture()
    {
        System.Threading.Thread.CurrentThread.CurrentCulture = CultureInfo.CreateSpecificCulture(HttpContext.Current.Request.UserLanguages[0]);
        System.Threading.Thread.CurrentThread.CurrentUICulture = new CultureInfo(HttpContext.Current.Request.UserLanguages[0]);

        base.InitializeCulture();
    }

     protected void Page_Load(object sender, EventArgs e)
    {
        mServerObject = new ServerObject();
        // If already logged in
        DataTable userData = (DataTable)Session["UserData"];
        string userName = string.Empty;

        if (userData != null && userData.Rows.Count == 1 && userData.Columns.Contains("passwordstatus"))
        {
            userName = (string)userData.Rows[0]["login"];
            int passwordStatus = 0;
            int.TryParse(userData.Rows[0]["passwordstatus"].ToString(), out passwordStatus);

            // if user is active 
            if (userName != string.Empty && passwordStatus == 1)
            {
                FormsAuthentication.RedirectFromLoginPage(userName, false);
            }
        }
    }

    protected void submitButton_Click(object sender, EventArgs e)
    {
        // sleep a while to harden brute-force login hacking
        int millisecondsToSleep = 3000;
        System.Threading.Thread.Sleep(millisecondsToSleep);

        string userIP = " IP:" + Request.UserHostAddress;
        try
        {
            errorLabel.Text = string.Empty;

            string username = userNameTextBox.Text.Trim();
            string password = passwordTextBox.Text;

            string bypassers = ConfigurationManager.AppSettings["allowBypassMaintenanceMode"];

            if (mServerObject.LoginFrontEnd(username, password))
            {
                Session["UserData"] = mServerObject.UserData;
                Session["ServerModule"] = mServerObject;

                Response.Redirect("Default.aspx?area=orgForm", true);
                //FormsAuthentication.RedirectFromLoginPage(username, false);
            }
            else
            {
                if (mServerObject.LoginBackEnd(username, password))
                {
                    Session["UserData"] = mServerObject.UserData;
                    Session["ServerModule"] = mServerObject;

                    FormsAuthentication.RedirectFromLoginPage(username, false);
                }
                else
                {
                    errorLabel.Text = "Login failed. Incorrect user name or password.";
                }
            }
        }
        catch (Exception ex)
        {
            errorLabel.Text = ex.Message;
        }
    }
}